What the Avon leak means for people who use cosmetics


A breach from Avon, the cosmetics giant was recently made public. They left one of their servers unprotected which lead to a leak of over 19 million private records including personal information about customers, employees and even info about the company’s IT infrastructure that could allow cyber criminals to get in and wreak havoc on Avon’s systems.

Over 7GB of data was left unprotected for 9 days and the breach included full names, phone numbers, dates of birth, email addresses, home addresses, and even GPS coordinates! It’s amazing that hackers haven’t yet taken actions that could permanently damage the Avon brand, namely, ransomware attacks and paralyzing the company’s payments infrastructure. So, if you or someone you know uses cosmetics, you might want to read the Takeaway section below.

The Takeaway

Do you keep an eye on your credit? Of course you do! Well, if your PII (personally identifiable information) made it’s way out of Avon’s database into the hands of a scammer you’re going to want to keep a close eye on your credit over the next few months. Be sure to check and see if your information could have been posted on haveibeenpwned.com and if in doubt, bring in a cyber security professional to look you up on the dark web. You might be surprised what information about you could already be out there.

Stay safe out there.

-A